package com.qkjia.oauth2jwtserver.config;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;

/**
 * Description:资源服务器配置
 *
 * @author JourWon
 * @date 2019/12/23 16:55
 */
@Configuration
@EnableResourceServer//@EnableResourceServer阻止来自OAuth服务器的登录页面
public class ResourceServerConfig extends ResourceServerConfigurerAdapter {

    @Override
    public void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()//授权请求
                .anyRequest()//请求
                .authenticated()//已认证
                .and()
                .requestMatchers()//请求匹配器 .antMatchers("/oauth/**", "/login/**", "logout/**")//蚂蚁匹配器
                // 配置需要保护的资源路径
                .antMatchers("/user/**");
    }

}
